$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2943/Oc-brg1QK0J-NIpW_rwLeJ0zk8k.roa File: Oc-brg1QK0J-NIpW_rwLeJ0zk8k.roa (raw, json) Hash identifier: zIA70jiRSHf9xGRKSkP9stQX0HwQ9vIhYkN07v13z8I= Subject key identifier: 39:CF:9B:AE:0D:50:2B:42:7E:34:8A:56:FE:BC:0B:78:9D:33:93:C9 Certificate issuer: /CN=D5C2CE1261E59FD76D3E3FB00E5EBA8E44DA30C9 Certificate serial: 06D1 Authority key identifier: D5:C2:CE:12:61:E5:9F:D7:6D:3E:3F:B0:0E:5E:BA:8E:44:DA:30:C9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1cLOEmHln9dtPj-wDl66jkTaMMk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2943/Oc-brg1QK0J-NIpW_rwLeJ0zk8k.roa Signing time: Tue 30 Sep 2025 04:34:02 +0000 ROA not before: Tue 30 Sep 2025 04:34:02 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139148 IP address blocks: 103.145.42.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2943/1cLOEmHln9dtPj-wDl66jkTaMMk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2943/1cLOEmHln9dtPj-wDl66jkTaMMk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1cLOEmHln9dtPj-wDl66jkTaMMk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1745 (0x6d1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D5C2CE1261E59FD76D3E3FB00E5EBA8E44DA30C9 Validity Not Before: Sep 30 04:34:02 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=39CF9BAE0D502B427E348A56FEBC0B789D3393C9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:fc:1c:6d:6a:f9:d6:f1:59:1e:90:e4:b1:75: 0c:e4:b6:fa:89:35:64:22:e1:af:e3:a9:0e:62:5c: ac:ab:60:0e:29:4e:63:05:dd:6b:64:ec:64:ce:7c: 2c:8d:bb:34:58:cb:0c:4e:04:77:71:54:42:14:e3: 09:ce:9b:f0:ae:4a:48:67:a7:24:37:1c:01:4f:2b: 2b:08:6c:16:10:a1:27:34:66:41:3a:01:77:26:6e: 22:7d:17:98:49:a5:01:26:71:4d:98:d1:43:93:57: e5:69:26:6c:71:3d:07:d9:c0:e8:79:07:5b:87:71: cf:69:59:c6:dd:ec:f7:ff:32:05:a6:64:f2:6b:7f: 8b:6f:38:94:8a:66:4d:95:e5:01:c5:51:55:35:38: be:7e:50:4d:29:14:24:0f:d0:c5:73:87:0a:cc:c7: 97:a3:91:4f:77:ad:42:82:e4:91:84:46:ea:18:a0: 14:53:1e:4f:2f:a3:26:21:61:a0:ec:74:8c:dc:e3: 49:38:4c:cb:e3:d5:7c:07:c9:e3:aa:25:6b:15:72: 2f:20:a5:01:e1:35:7c:7c:e3:cc:1e:a9:20:07:96: 5c:23:04:b9:a8:34:ae:4f:88:da:d0:9c:a3:ca:26: 91:c6:b1:6f:a9:e7:5b:b5:6d:49:ad:f6:68:2a:13: da:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:CF:9B:AE:0D:50:2B:42:7E:34:8A:56:FE:BC:0B:78:9D:33:93:C9 X509v3 Authority Key Identifier: keyid:D5:C2:CE:12:61:E5:9F:D7:6D:3E:3F:B0:0E:5E:BA:8E:44:DA:30:C9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2943/1cLOEmHln9dtPj-wDl66jkTaMMk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1cLOEmHln9dtPj-wDl66jkTaMMk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2943/Oc-brg1QK0J-NIpW_rwLeJ0zk8k.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.145.42.0/23 Signature Algorithm: sha256WithRSAEncryption e8:3a:07:71:78:dc:8c:06:ff:d9:53:a0:e0:85:e7:5e:77:3c: ce:f0:bc:fc:dd:2e:a5:7a:55:a9:7e:94:e3:18:24:f0:e3:9b: 6d:5e:cb:a0:55:24:9f:70:b3:47:25:23:b5:2b:3d:21:55:1a: 3a:88:f0:8e:29:5e:c2:da:14:d6:d1:0c:02:b1:67:8a:16:02: 59:43:41:42:66:d4:0c:d9:73:ec:fc:07:7e:e6:8d:a6:2a:7e: ac:b9:59:d9:33:e7:67:0b:86:f9:5c:50:38:3a:bc:f5:38:3d: dd:bb:a1:80:e8:f0:43:8c:82:9b:4f:ce:d1:67:e4:70:d0:78: 8b:c6:6a:8a:10:60:0c:b3:0d:d6:a7:de:d1:e6:e8:4c:cf:4d: 4a:d5:a2:a6:2d:68:42:27:a3:bb:d1:bc:fd:cc:60:a8:90:4d: db:04:b0:b1:f6:69:2d:d3:5d:9c:e4:f2:d2:4a:a1:89:4a:f2: 6e:1d:96:b8:44:46:a8:93:65:99:34:f2:88:3e:0b:57:4d:48: 95:9d:70:54:92:b4:42:29:8f:ba:b4:bf:5b:09:d7:12:74:fc: 50:f2:44:02:76:57:69:44:e9:00:6a:70:38:e0:42:a0:e9:90: de:9c:da:4c:2b:03:d2:7d:b9:92:0c:31:13:99:84:5f:59:28: 73:a9:5f:67 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBtEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDVD MkNFMTI2MUU1OUZENzZEM0UzRkIwMEU1RUJBOEU0NERBMzBDOTAeFw0yNTA5MzAw NDM0MDJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDM5Q0Y5QkFFMEQ1MDJC NDI3RTM0OEE1NkZFQkMwQjc4OUQzMzkzQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDQ/BxtavnW8VkekOSxdQzktvqJNWQi4a/jqQ5iXKyrYA4pTmMF 3Wtk7GTOfCyNuzRYywxOBHdxVEIU4wnOm/CuSkhnpyQ3HAFPKysIbBYQoSc0ZkE6 AXcmbiJ9F5hJpQEmcU2Y0UOTV+VpJmxxPQfZwOh5B1uHcc9pWcbd7Pf/MgWmZPJr f4tvOJSKZk2V5QHFUVU1OL5+UE0pFCQP0MVzhwrMx5ejkU93rUKC5JGERuoYoBRT Hk8voyYhYaDsdIzc40k4TMvj1XwHyeOqJWsVci8gpQHhNXx848weqSAHllwjBLmo NK5PiNrQnKPKJpHGsW+p51u1bUmt9mgqE9oXAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUOc+brg1QK0J+NIpW/rwLeJ0zk8kwHwYDVR0jBBgwFoAU1cLOEmHln9dtPj+w Dl66jkTaMMkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk0 My8xY0xPRW1IbG45ZHRQai13RGw2NmprVGFNTWsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzFjTE9FbUhsbjlkdFBqLXdEbDY2amtUYU1Nay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5NDMvT2MtYnJnMVFLMEot TklwV19yd0xlSjB6azhrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWeRKjANBgkqhkiG9w0BAQsFAAOCAQEA6DoHcXjcjAb/2VOg4IXnXnc8zvC8 /N0upXpVqX6U4xgk8OObbV7LoFUkn3CzRyUjtSs9IVUaOojwjilewtoU1tEMArFn ihYCWUNBQmbUDNlz7PwHfuaNpip+rLlZ2TPnZwuG+VxQODq89Tg93buhgOjwQ4yC m0/O0WfkcNB4i8ZqihBgDLMN1qfe0eboTM9NStWipi1oQieju9G8/cxgqJBN2wSw sfZpLdNdnOTy0kqhiUrybh2WuERGqJNlmTTyiD4LV01IlZ1wVJK0QimPurS/WwnX EnT8UPJEAnZXaUTpAGpwOOBCoOmQ3pzaTCsD0n25kgwxE5mEX1koc6lfZw== -----END CERTIFICATE-----Generated at Mon Oct 20 19:56:04 2025 by rpki-client